JavaAdapterClassLoader.java revision 1643:133ea8746b37
1/* 2 * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26package jdk.nashorn.internal.runtime.linker; 27 28import java.lang.reflect.Module; 29import java.security.AccessControlContext; 30import java.security.AccessController; 31import java.security.PrivilegedAction; 32import java.security.ProtectionDomain; 33import java.security.SecureClassLoader; 34import java.util.Arrays; 35import java.util.Collection; 36import java.util.Collections; 37import java.util.HashSet; 38import java.util.Set; 39import jdk.dynalink.beans.StaticClass; 40import jdk.nashorn.internal.codegen.DumpBytecode; 41import jdk.nashorn.internal.runtime.Context; 42import jdk.nashorn.internal.runtime.JSType; 43import jdk.nashorn.internal.runtime.ScriptFunction; 44import jdk.nashorn.internal.runtime.ScriptObject; 45import jdk.internal.module.Modules; 46 47/** 48 * This class encapsulates the bytecode of the adapter class and can be used to load it into the JVM as an actual Class. 49 * It can be invoked repeatedly to create multiple adapter classes from the same bytecode; adapter classes that have 50 * class-level overrides must be re-created for every set of such overrides. Note that while this class is named 51 * "class loader", it does not, in fact, extend {@code ClassLoader}, but rather uses them internally. Instances of this 52 * class are normally created by {@code JavaAdapterBytecodeGenerator}. 53 */ 54final class JavaAdapterClassLoader { 55 private static final Module nashornModule = JavaAdapterClassLoader.class.getModule(); 56 private static final Set<String> adapterPkgs = new HashSet<>(); 57 static { 58 adapterPkgs.add(JavaAdapterBytecodeGenerator.ADAPTER_PACKAGE); 59 } 60 61 private static final AccessControlContext CREATE_LOADER_ACC_CTXT = ClassAndLoader.createPermAccCtxt("createClassLoader"); 62 private static final AccessControlContext GET_CONTEXT_ACC_CTXT = ClassAndLoader.createPermAccCtxt(Context.NASHORN_GET_CONTEXT); 63 private static final Collection<String> VISIBLE_INTERNAL_CLASS_NAMES = Collections.unmodifiableCollection(new HashSet<>( 64 Arrays.asList(JavaAdapterServices.class.getName(), ScriptObject.class.getName(), ScriptFunction.class.getName(), JSType.class.getName()))); 65 66 private final String className; 67 private final byte[] classBytes; 68 private final Set<Module> accessedModules; 69 70 JavaAdapterClassLoader(final String className, final byte[] classBytes, final Set<Module> accessedModules) { 71 this.className = className.replace('/', '.'); 72 this.classBytes = classBytes; 73 this.accessedModules = accessedModules; 74 } 75 76 /** 77 * Loads the generated adapter class into the JVM. 78 * @param parentLoader the parent class loader for the generated class loader 79 * @param protectionDomain the protection domain for the generated class 80 * @return the generated adapter class 81 */ 82 StaticClass generateClass(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) { 83 assert protectionDomain != null; 84 return AccessController.doPrivileged(new PrivilegedAction<StaticClass>() { 85 @Override 86 public StaticClass run() { 87 try { 88 return StaticClass.forClass(Class.forName(className, true, createClassLoader(parentLoader, protectionDomain))); 89 } catch (final ClassNotFoundException e) { 90 throw new AssertionError(e); // cannot happen 91 } 92 } 93 }, CREATE_LOADER_ACC_CTXT); 94 } 95 96 private static void addExports(final Module from, final String pkg, final Module to) { 97 if (to == null) { 98 Modules.addExportsToAll(from, pkg); 99 } else { 100 Modules.addExports(from, pkg, to); 101 } 102 } 103 104 // Note that the adapter class is created in the protection domain of the class/interface being 105 // extended/implemented, and only the privileged global setter action class is generated in the protection domain 106 // of Nashorn itself. Also note that the creation and loading of the global setter is deferred until it is 107 // required by JVM linker, which will only happen on first invocation of any of the adapted method. We could defer 108 // it even more by separating its invocation into a separate static method on the adapter class, but then someone 109 // with ability to introspect on the class and use setAccessible(true) on it could invoke the method. It's a 110 // security tradeoff... 111 private ClassLoader createClassLoader(final ClassLoader parentLoader, final ProtectionDomain protectionDomain) { 112 return new SecureClassLoader(parentLoader) { 113 private final ClassLoader myLoader = getClass().getClassLoader(); 114 115 // new adapter module 116 private final Module adapterModule = Modules.defineModule(this, "jdk.scripting.nashorn.javaadapters", adapterPkgs); 117 118 { 119 // new adapter module exports and read-edges 120 addExports(adapterModule, JavaAdapterBytecodeGenerator.ADAPTER_PACKAGE, null); 121 Modules.addReads(adapterModule, nashornModule); 122 Modules.addReads(adapterModule, Object.class.getModule()); 123 for (Module mod : accessedModules) { 124 Modules.addReads(adapterModule, mod); 125 } 126 127 // specific exports from nashorn to the new adapter module 128 nashornModule.addExports("jdk.nashorn.internal.runtime", adapterModule); 129 nashornModule.addExports("jdk.nashorn.internal.runtime.linker", adapterModule); 130 131 // nashorn should be be able to read methods of classes loaded in adapter module 132 nashornModule.addReads(adapterModule); 133 } 134 135 @Override 136 public Class<?> loadClass(final String name, final boolean resolve) throws ClassNotFoundException { 137 try { 138 Context.checkPackageAccess(name); 139 return super.loadClass(name, resolve); 140 } catch (final SecurityException se) { 141 // we may be implementing an interface or extending a class that was 142 // loaded by a loader that prevents package.access. If so, it'd throw 143 // SecurityException for nashorn's classes!. For adapter's to work, we 144 // should be able to refer to the few classes it needs in its implementation. 145 if(VISIBLE_INTERNAL_CLASS_NAMES.contains(name)) { 146 return myLoader != null? myLoader.loadClass(name) : Class.forName(name, false, myLoader); 147 } 148 throw se; 149 } 150 } 151 152 @Override 153 protected Class<?> findClass(final String name) throws ClassNotFoundException { 154 if(name.equals(className)) { 155 assert classBytes != null : "what? already cleared .class bytes!!"; 156 157 final Context ctx = AccessController.doPrivileged(new PrivilegedAction<Context>() { 158 @Override 159 public Context run() { 160 return Context.getContext(); 161 } 162 }, GET_CONTEXT_ACC_CTXT); 163 DumpBytecode.dumpBytecode(ctx.getEnv(), ctx.getLogger(jdk.nashorn.internal.codegen.Compiler.class), classBytes, name); 164 return defineClass(name, classBytes, 0, classBytes.length, protectionDomain); 165 } 166 throw new ClassNotFoundException(name); 167 } 168 }; 169 } 170} 171